1.\" Copyright (c) 2001 Networks Associates Technology, Inc. 2.\" All rights reserved. 3.\" 4.\" This software was developed for the FreeBSD Project by Chris 5.\" Costello at Safeport Network Services and NAI Labs, the Security 6.\" Research Division of Network Associates, Inc. under DARPA/SPAWAR 7.\" contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS 8.\" research program. 9.\" 10.\" Redistribution and use in source and binary forms, with or without 11.\" modification, are permitted provided that the following conditions 12.\" are met: 13.\" 1. Redistributions of source code must retain the above copyright 14.\" notice, this list of conditions and the following disclaimer. 15.\" 2. Redistributions in binary form must reproduce the above copyright 16.\" notice, this list of conditions and the following disclaimer in the 17.\" documentation and/or other materials provided with the distribution. 18.\" 3. The name of the author may not be used to endorse or promote 19.\" products derived from this software without specific prior written 20.\" permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" $FreeBSD$ 35.\" 36.Dd December 21, 2001 37.Dt MAC_SET 3 38.Os 39.Sh NAME 40.Nm mac_set_file , 41.Nm mac_set_fd , 42.Nm mac_set_proc 43.Nd set the MAC label for a file or process 44.Sh LIBRARY 45.Lb libc 46.Sh SYNOPSIS 47.In sys/mac.h 48.Ft int 49.Fn mac_set_file "const char *path_p" "mac_t label" 50.Ft int 51.Fn mac_set_fd "int fd" "mac_t label" 52.Ft int 53.Fn mac_set_proc "mac_t label" 54.Sh DESCRIPTION 55The 56.Fn mac_set_file 57and 58.Fn mac_set_fd 59functions associate a MAC label 60specified by 61.Fa label 62to the file referenced to by 63.Fa path_p , 64or to the file descriptor 65.Fa fd , 66respectively. 67Note that this function will fail on socket descriptors. 68For information on 69setting MAC labels on socket descriptors see 70.Xr setsockopt 2 . 71The 72.Fn mac_set_proc 73function associates the MAC label 74specified by 75.Fa label 76to the calling process. 77.Pp 78A process is allowed to set a label for a file 79only if it has MAC write access to the file, 80and its effective user ID is equal to 81the owner of the file, 82or has appropriate privileges. 83.Sh RETURN VALUES 84.Rv -std mac_set_fd mac_set_file mac_set_proc 85.Sh ERRORS 86.Bl -tag -width Er 87.It Bq Er EACCES 88MAC write access to the file is denied. 89.It Bq Er EBADF 90.Fa fd 91is not a valid file descriptor. 92.It Bq Er EINVAL 93.Fa label 94is not a valid MAC label. 95.It Bq Er EOPNOTSUPP 96Setting MAC labels is not supported 97by the file referenced by 98.Fa fd . 99.It Bq Er EPERM 100The calling process had insufficient privelege 101to change the MAC label. 102.It Bq Er EROFS 103File system for the object being modified 104is read only. 105.It Bq Er ENAMETOOLONG 106.\" XXX POSIX_NO_TRUNC? 107The length of the pathname in 108.Fa path_p 109exceeds 110.Dv PATH_MAX , 111or a component of the pathname 112is longer than 113.Dv NAME_MAX . 114.It Bq Er ENOENT 115The file referenced by 116.Fa path_p 117does not exist. 118.It Bq Er ENOTDIR 119A component of the pathname 120referenced by 121.Fa path_p 122is not a directory. 123.El 124.Sh SEE_ALSO 125.Xr mac 3 , 126.Xr mac_free 3 , 127.Xr mac_get 3 , 128.Xr mac_text 3 129